BSCP Exam Survival Guide: What You Need to Know Before the 'Battle'

Introduction
Hello everyone,
It's been a while since I last wrote a blog post. Today, I want to share my journey of obtaining the certificate considered an "entry-level" one in web security, as well as tips and tricks for the exam.
Burp Suite Certified Practitioner (BSCP)
This is a certification from the team at PortSwigger.
The Burp Suite Certified Practitioner (BSCP) is an official certification for web security professionals, from the makers of Burp Suite. Becoming a Burp Suite Certified Practitioner demonstrates a deep knowledge of web security vulnerabilities, the correct mindset to exploit them, and, of course, the Burp Suite skills needed to carry this out.

Overview
Let me quickly go over the exam format (there are already many write-ups out there about this).
The exam includes 2 applications, and for each application, you must exploit 3 vulnerabilities, corresponding to 3 stages — for a total of 6 bugs.
- Stage 1: Gain access to a low-privilege account
- Stage 2: Escalate privileges to admin
- Stage 3: Remote Code Execution (RCE) or read the flag file
You have 4 hours in total to complete both apps.
After finishing the exam, you'll need to submit your Burp project file (ZIP format) for verification.
More details here:
👉 What the exam involves
Study Strategy
Since this cert covers almost all topics in the Web Security Academy, I strongly recommend completing at least 90% of the labs to solidify your foundation.
Once you’ve built a strong base, you’ll need a methodical approach to recon.
Recon techniques vary by experience, but I highly recommend you check out Burp’s official mapping guide and apply those techniques:
👉 Mapping the target website with Burp Suite
Next, try to categorize bugs by stage — what stage would this vulnerability likely belong to?
Also, think about their impact — what can they help you achieve?
For example:
- HTTP Smuggling might be in Stage 1
- SSTI might fall into Stage 3
Knowing this ahead of time helps you focus on the right bug types during the exam.
If you're stuck during the exam, check out Micah van Deusen’s blog — specifically Tip #5 where he maps bug types to stages:
👉 Micah's BSCP Review

Personally, after preparing all that, I spent about one month practicing Mystery Labs to improve my recon skills. For every topic, I asked myself:
“How would I detect this?”
Finally, take the 2 Practice Exams to get a sense of difficulty:
👉 Practice Exam
Note: The real exam is slightly harder than the practice.
When you're ready — it’s time to pull out that $100 and register for the exam.
⚠️ Note: You’ll need a valid Burp Suite Pro license. Either buy it, borrow it, or try getting a trial (I couldn’t get the trial 😅).
My Exam Experience
Before I took the exam, I read many blogs from others who had failed at least once. I was like, “Damn, sounds tough.” 😬
I scheduled my exam at 8AM on a weekend for peace and quiet. Woke up, chugged a Red Bull, and got to work.
Before starting, you need to:
- Upload your ID
- Enable screen sharing for all your monitors and camera
Then click “Start Exam” and your 4-hour countdown begins.
The first hour was rough — I couldn’t even exploit the first vector to get a low-privilege account 😩
I tried every scanner and tool... nothing worked.
Looked at the clock: just over 3 hours left. I panicked.
I thought about abandoning App-1 to start App-2, hoping it’d be easier.
Looking back, this is the biggest trap — panicking and switching apps too soon can lead to failure.
I gave App-2 five minutes, then decided: screw it. I’ll try hard on App-1 to the end — and worst case, I’ll just retake.
And boom — 10 minutes later, I got in 🎯
Why? Because I had calmed down, stopped acting on instinct, and started asking myself questions like:
“Why does this behave that way?”
After that first breakthrough, I gained confidence.
It only took me another hour to complete the remaining 5 bugs, finishing the whole thing in just over 2 hours.
⚠️ A heads-up: There are rabbit holes in the exam.
Some parameters and functions might look like a bug but are actually not the bug you need.
So always ask yourself:
“What does this parameter really do?”
“What are the other inputs affecting this function?”
Example:
👉 Forum post – not SQLi or Path Traversal
→ Guess what bug it is? 😆
Exam Conditions
Important! Don’t violate these or you could get banned permanently 😱

PortSwigger doesn’t give a detailed list of what’s allowed or not.
But based on community info, there's one key rule:
❌ Do not communicate or attempt to communicate with anyone during the exam.
So, close all messaging apps: Zalo, Telegram, Discord, Messenger, etc.
Even a phone call during the exam could be a problem.
The good news: it’s an open-book exam, so you can use anything you find helpful.
More on that here:
👉 Exam Conditions
Conclusion
To wrap it up — I think this cert is a solid entry point for anyone interested in web security.
Not too hard, not too easy, and it’s affordable for freshers like us.
I hope you’ll soon have that BSCP cert in hand, ready to apply for jobs and step confidently into the world of professional pentesting.
If I could do it — you can too.
Just learn smart, keep a cool head, and push through to the end.
Now go schedule that exam and get it done! 💪